1. 13 Apr, 2020 8 commits
    • Mark Johnston's avatar
      Relax restrictions on private mappings of POSIX shm objects. · c7841c6b
      Mark Johnston authored
      When creating a private mapping of a POSIX shared memory object,
      VM_PROT_WRITE should always be included in maxprot regardless of
      permissions on the underlying FD.  Otherwise it is possible to open a
      shm object read-only, map it with MAP_PRIVATE and PROT_WRITE, and
      violate the invariant in vm_map_insert() that (prot & maxprot) == prot.
      Reported by:	syzkaller
      Reviewed by:	kevans, kib
      MFC after:	1 week
      Sponsored by:	The FreeBSD Foundation
      Differential Revision:	https://reviews.freebsd.org/D24398
    • Kyle Evans's avatar
      close_range/closefrom: fix regression from close_range introduction · 605c4cda
      Kyle Evans authored
      close_range will clamp the range between [0, fdp->fd_lastfile], but failed
      to take into account that fdp->fd_lastfile can become -1 if all fds are
      closed. =-( In this scenario, just return because there's nothing further we
      can do at the moment.
      Add a test case for this, fork() and simply closefrom(0) twice in the child;
      on the second invocation, fdp->fd_lastfile == -1 and will trigger a panic
      before this change.
      X-MFC-With:	r359836
    • Kyle Evans's avatar
      libc: remove shm_open(2)'s compat fallback · 7c5e60c7
      Kyle Evans authored
      This had been introduced to ease any pain for using slightly older kernels
      with a newer libc, e.g., for bisecting a kernel across the introduction of
      shm_open2(2). 6 months has passed, retire the fallback and let shm_open()
      unconditionally call shm_open2().
      Stale includes are removed as well.
    • Li-Wen Hsu's avatar
      Install expected output file of test missed in r359585 · 1c04eb28
      Li-Wen Hsu authored
      Sponsored by:	The FreeBSD Foundation
    • Alexander V. Chernikov's avatar
    • Xin LI's avatar
      Sync with OpenBSD: · d25a1430
      Xin LI authored
      arc4random.c: In the incredibly unbelievable circumstance where
      _rs_init() fails to allocate pages, don't call abort() because of
      corefile data leakage concerns, but simply _exit().  The reasoning
      is _rs_init() will only fail if someone finds a way to apply
      specific pressure against this failure point, for the purpose of
      leaking information into a core which they can read.  We don't
      need a corefile in this instance to debug that.  So take this
      "lever" away from whoever in the future wants to do that.
      arc4random.3: reference random(4)
      arc4random_uniform.c: include stdint.h over sys/types.h
    • Alexander V. Chernikov's avatar
      Remove tcp_rtlookup6() function signature. · 31330025
      Alexander V. Chernikov authored
       The function itself was removed in r122922 16 years ago.
    • Rick Macklem's avatar
      Delete the mbuf macros that were used for the Mac OS/X port. · 66ea9219
      Rick Macklem authored
      When the code was ported to Mac OS/X, mbuf handling functions were
      converted to using the Mac OS/X accessor functions. For FreeBSD, they
      are a simple set of macros in sys/fs/nfs/nfskpiport.h.
      Since r359757, r359780, r359785, r359810, r359811 have removed all uses
      of these macros, this patch deleted the macros from the .h files.
      My eventual goal is deleting nfskpiport.h, but that will take some more
      editting to replace uses of the remaining macros.
  2. 12 Apr, 2020 13 commits
    • Kyle Evans's avatar
      Bump __FreeBSD_version after r359836, close_range(2) · 9f2dc607
      Kyle Evans authored
      Reported by:	cy
    • Kyle Evans's avatar
    • Kyle Evans's avatar
      Implement a close_range(2) syscall · 472ced39
      Kyle Evans authored
      close_range(min, max, flags) allows for a range of descriptors to be
      closed. The Python folk have indicated that they would much prefer this
      interface to closefrom(2), as the case may be that they/someone have special
      fds dup'd to higher in the range and they can't necessarily closefrom(min)
      because they don't want to hit the upper range, but relocating them to lower
      isn't necessarily feasible.
      sys_closefrom has been rewritten to use kern_close_range() using ~0U to
      indicate closing to the end of the range. This was chosen rather than
      requiring callers of kern_close_range() to hold FILEDESC_SLOCK across the
      call to kern_close_range for simplicity.
      The flags argument of close_range(2) is currently unused, so any flags set
      is currently EINVAL. It was added to the interface in Linux so that future
      flags could be added for, e.g., "halt on first error" and things of this
      This patch is based on a syscall of the same design that is expected to be
      merged into Linux.
      Reviewed by:	kib, markj, vangyzen (all slightly earlier revisions)
      Differential Revision:	https://reviews.freebsd.org/D21627
    • Chris Rees's avatar
      Add mention of wireless option in bsdconfig · 1d3500e0
      Chris Rees authored
      Submitted by:		debdrup
      Approved by:		dteske (maintainer)
      Differential Revision:	https://reviews.freebsd.org/D24378
    • Conrad Meyer's avatar
      Add queue(2) debug macros as build options · 37bd4ba9
      Conrad Meyer authored
      options.  While here, alpha-sort the debug section of sys/conf/options.
      kernels.  It is similar in nature and cost to other use-after-free pointer
      trashing we do in GENERIC.  It is probably reasonable to enable in any arch
      GENERIC kernel that defines INVARIANTS.
    • Kristof Provost's avatar
      carp tests: Basic functionality test · 47308803
      Kristof Provost authored
      Set up three vnet jails, bridged together. Run carp between two of them.
      Attempt to provoke locking / epoch issues.
      Reviewed by:	mav (previous version), melifaro, asomers
      Differential Revision:	https://reviews.freebsd.org/D24303
    • Kristof Provost's avatar
      carp: Widen epoch coverage · 1d126e9b
      Kristof Provost authored
      Fix panics related to calling code which expects to be running inside
      the NET_EPOCH from outside that epoch.
      This leads to panics (with INVARIANTS) such as this one:
          panic: Assertion in_epoch(net_epoch_preempt) failed at /usr/src/sys/netinet/if_ether.c:373
          cpuid = 7
          time = 1586095719
          KDB: stack backtrace:
          db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0090819700
          vpanic() at vpanic+0x182/frame 0xfffffe0090819750
          panic() at panic+0x43/frame 0xfffffe00908197b0
          arprequest_internal() at arprequest_internal+0x59e/frame 0xfffffe00908198c0
          arp_announce_ifaddr() at arp_announce_ifaddr+0x20/frame 0xfffffe00908198e0
          carp_master_down_locked() at carp_master_down_locked+0x10d/frame 0xfffffe0090819910
          carp_master_down() at carp_master_down+0x79/frame 0xfffffe0090819940
          softclock_call_cc() at softclock_call_cc+0x13f/frame 0xfffffe00908199f0
          softclock() at softclock+0x7c/frame 0xfffffe0090819a20
          ithread_loop() at ithread_loop+0x279/frame 0xfffffe0090819ab0
          fork_exit() at fork_exit+0x80/frame 0xfffffe0090819af0
          fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0090819af0
          --- trap 0, rip = 0, rsp = 0, rbp = 0 ---
      Widen the NET_EPOCH to cover the relevant (callback / task) code.
      Differential Revision:	https://reviews.freebsd.org/D24302
    • Dimitry Andric's avatar
      Merge commit 30588a739 from llvm git (by Erich Keane): · c3ca3130
      Dimitry Andric authored
        Make target features check work with ctor and dtor-
        The problem was reported in PR45468, applying target features to an
        always_inline constructor/destructor runs afoul of GlobalDecl
        construction assert when checking for target-feature compatibility.
        The core problem is fixed by using the version of the check that
        takes a FunctionDecl rather than the GlobalDecl. However, while
        writing the test, I discovered that source locations weren't properly
        set for this check on ctors/dtors. This patch also fixes constructors
        and CALLED destructors.
        Unfortunately, it doesn't seem too possible to get a meaningful
        source location for a 'cleanup' destructor, so those are still
        'frontend' level errors unfortunately. A fixme was added to the test
        to cover that situation.
      This should fix 'Assertion failed: (!isa<CXXConstructorDecl>(D) && "Use
      other ctor with ctor decls!"), function Init, file
      /usr/src/contrib/llvm-project/clang/include/clang/AST/GlobalDecl.h, line
      45' when compiling the security/botan2 port.
      PR:		245550
      MFC after:	6 weeks
      X-MFC-With:	358851
    • Alexander V. Chernikov's avatar
    • Alexander V. Chernikov's avatar
      Introduce nexthop objects and new routing KPI. · a6663252
      Alexander V. Chernikov authored
      This is the foundational change for the routing subsytem rearchitecture.
       More details and goals are available in https://reviews.freebsd.org/D24141 .
      This patch introduces concept of nexthop objects and new nexthop-based
       routing KPI.
      Nexthops are objects, containing all necessary information for performing
       the packet output decision. Output interface, mtu, flags, gw address goes
       there. For most of the cases, these objects will serve the same role as
       the struct rtentry is currently serving.
      Typically there will be low tens of such objects for the router even with
       multiple BGP full-views, as these objects will be shared between routing
       entries. This allows to store more information in the nexthop.
      New KPI:
      struct nhop_object *fib4_lookup(uint32_t fibnum, struct in_addr dst,
        uint32_t scopeid, uint32_t flags, uint32_t flowid);
      struct nhop_object *fib6_lookup(uint32_t fibnum, const struct in6_addr *dst6,
        uint32_t scopeid, uint32_t flags, uint32_t flowid);
      These 2 function are intended to replace all all flavours of
       <in_|in6_>rtalloc[1]<_ign><_fib>, mpath functions  and the previous
       fib[46]-generation functions.
      Upon successful lookup, they return nexthop object which is guaranteed to
       exist within current NET_EPOCH. If longer lifetime is desired, one can
       specify NHR_REF as a flag and get a referenced version of the nexthop.
       Reference semantic closely resembles rtentry one, allowing sed-style conversion.
      Additionally, another 2 functions are introduced to support uRPF functionality
       inside variety of our firewalls. Their primary goal is to hide the multipath
       implementation details inside the routing subsystem, greatly simplifying
       firewalls implementation:
      int fib4_lookup_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
        uint32_t flags, const struct ifnet *src_if);
      int fib6_lookup_urpf(uint32_t fibnum, const struct in6_addr *dst6, uint32_t scopeid,
        uint32_t flags, const struct ifnet *src_if);
      All functions have a separate scopeid argument, paving way to eliminating IPv6 scope
       embedding and allowing to support IPv4 link-locals in the future.
      Structure changes:
       * rtentry gets new 'rt_nhop' pointer, slightly growing the overall size.
       * rib_head gets new 'rnh_preadd' callback pointer, slightly growing overall sz.
      Old KPI:
      During the transition state old and new KPI will coexists. As there are another 4-5
       decent-sized conversion patches, it will probably take a couple of weeks.
      To support both KPIs, fields not required by the new KPI (most of rtentry) has to be
       kept, resulting in the temporary size increase.
      Once conversion is finished, rtentry will notably shrink.
      More details:
      * architectural overview: https://reviews.freebsd.org/D24141
      * list of the next changes: https://reviews.freebsd.org/D24232
      Reviewed by:	ae,glebius(initial version)
      Differential Revision:	https://reviews.freebsd.org/D24232
    • Michael Tuexen's avatar
      Revert https://svnweb.freebsd.org/changeset/base/359809 · 07ddae28
      Michael Tuexen authored
      The intended change was
      	sp->next.tqe_next = NULL;
      	sp->next.tqe_prev = NULL;
      which doesn't fix the issue I'm seeing and the committed fix is
      not the intended fix due to copy-and-paste.
      Thanks a lot to Conrad Meyer for making me aware of the problem.
      Reported by:		cem
    • Konstantin Belousov's avatar
      sendfile_iodone: correct calculation of the page index for relookup. · d25f1b21
      Konstantin Belousov authored
      This is yet another bug in r359473.
      Reported and tested by:	delphij
      Sponsored by:	The FreeBSD Foundation
      MFC after:	2 weeks
    • Jason A. Harmening's avatar
      config(8): use sbuf to manage line buffers · 31de6cad
      Jason A. Harmening authored
      PR:	245476
      Reported by:	kevans
      Reviewed by:	imp, kevans
      MFC after:	1 week
      Differential Revision:	https://reviews.freebsd.org/D24373
  3. 11 Apr, 2020 15 commits
  4. 10 Apr, 2020 4 commits